On macOS, we can improve SSH security by adding our keys to the Secure Enclave. Detect the presence of secretive and if it is installed then move all the keys in the ~/.ssh folder to the Secure Enclave. Add this script to home/.chezmoiscripts/universal and be sure to make sure that the macOS device is Secure Enclave compatible.
@ProfessorManhattan, Secure Enclave does not allow import/export of keys. Keys that need to be protected using Secure Enclave need to be created using Secure Enclave - details available here and here.
Hey @enggnr -- let's just generate one key of each type and name it id_enclave, for instance. That way we leverage / set up the technology in case it's ever useful to us.